Limiting users searches in AD

[Guest]

Is there a way to not allow users in a certain OU to do a search on the entire Active Directory or at least hide things when they do search? For example, we have a couple of projects that are split in different OUs, we would rather they not know each other exist. This is not a problem if they attempt to search the directory using My Network Places, however if they use the search feature for windows (Programs > Search > ...) and choose to do a search on the directory and leave the field blank all objects in the directory show up. Is there a way to prevent this? It would be great if they could only search for things located within their OU

PA

 

[Chriss3]

PAR, Remove Authenticated Users Group from the ACL of the particular OU you
want to hide. If you want it visible to a group of users add the group and
assign read, List Content , Read All Properties, Read Permissions. If you
have extended the Schema with other products you may need to grant
permissions to Authenticated Users Group anyway such Live Communication
Server can't functional without Read RTCUserSearchPropertySet for example.

--
Regards
Christoffer Andersson

No email replies please - reply in the newsgroup

Is there a way to not allow users in a certain OU to do a search on the

entire Active Directory or at least hide things when they do search? For
example, we have a couple of projects that are split in different OUs, we
would rather they not know each other exist. This is not a problem if they
attempt to search the directory using My Network Places, however if they use
the search feature for windows (Programs > Search > ...) and choose to do a
search on the directory and leave the field blank all objects in the
directory show up. Is there a way to prevent this? It would be great if
they could only search for things located within their OU.